blob: 9df6452fa57526e4c8b8aee9bd3392e923eb3833 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
# tgr - Torified GPG Refresh
A simple privacy-minded bash utility to refresh GPG keys randomly and on a randomised timer over changing TOR circuits.
Depends on `bash`, `tor` and `torsocks`.
# Usage
This utility is a simple 1-file bash script. The script can still be run if `tor` isn't currently running, and it will periodically recheck the `tor` status and process GPG keys when it is.
A systemd user service is also included to have the file run in the background. Copy the service file to `/etc/systemd/user`. The service can then be enabled and started with `systemctl --user enable --now tgr.service`. When using the systemd service, attempted refreshes, including the key fingerprint, are logged to the journal.
Arch users can get `tgr` from the AUR, or use the included PKGBUILD to create the package as follows:
git clone https://github.com/aeryxium/gpgrefresh.git
cd gpgrefresh
makepkg -si
# How it works
`tgr` has a very simple model:
1. Get a list of all public key fingerprints in your keyring and randomise them;
2. Take the first key from the list, and attempt to refresh it over an isolated tor socket; and
3. Once all keys have been refreshed, generate and randomise the list again and start over.
There are a few notes on this you should be aware of:
* If `tor` is not available when an attempt to refresh a key is made, the application will wait a randimosed period of time;
* If a key fails to be refreshed, the application will wait a randimosed period of time;
* In both cases, the randomised time period will be somewhere between 15 and 45 minutes;
* Keys that fail to be refreshed will be attempted a total of 3 times before moving on;
* Only your public keys are checked; and
* All subkeys are refreshed with your master keys, so subkeys aren't refreshed separately.
|